Sometimes it takes an attacker literally getting his or her hands on a system to compromise information within it --which is why a number of security researchers are shining light on ways the bad guys could potentially break into office buildings, even those protected by key card systems and alarms. In one Black Hat presentation, Fran Brown of security firm Bishop Fox will show how he created a device using a commercially available Arduino circuit board and a key card reader made for parking garages that can steal key card information from door badges as far as three feet away -- a key first step in cloning fraudulent access cards.
Another talk by Brown's colleagues at Bishop Fox, Drew Porter and Stephen Smith, will describe how security researchers were able to create a rogue cell base station in order to intercept signals from one of the most widely used alarm key pads in order to prevent a system from reporting an alert to the authorities and to turn off the audible alarm.
Photo Source: Apple
At Black Hat, researchers will present a smorgasbord of new research on how to manipulate mobile devices to do things that their manufacturers never intended. Among the most dramatic findings will be from three researchers with the Georgia Institute of Technology who will show how it is possible to inject malware into iOS devices using maliciously tampered chargers, taking advantage in USB security weaknesses. Android devices won't be left unscathed. Researcher Kevin McNamee from Kindsight Security Labs will demonstrate a new Android SpyPhone software tool that could be maliciously injected into any application on an Android device. The tool would make it possible for remote attackers to track the phone's location, intercept calls, texts and emails, and activate the camera and microphone without detection.
Photo Source: Sprint
As mobile providers have looked to expand their service into the dead zones of their cellular networks, they've increasingly relied on femtocells, low-power base stations that essentially connect through the user's home Internet connection to hook into the provider's network. According to three researchers from iSec Partners, it's possible to hack these Linux-based boxes in order to silently observe and listen to all of the traffic coming in and out of a femtocell, without users ever knowing they connected to it or that someone else is eavesdropping.
The computer systems and networks that control the machinery in our nation's power plants, water treatment plants and other infrastructure facilities are lynchpins of modern society. They're also frequently antiquated and highly insecure. This year's show will feature a number of talks by researchers who have found how easy it is to hack into industrial systems from afar. The most notable talk will be given by a pair of researchers from IOActive who will show how they are able to inject data into the wireless remote sensors that many utility and petrochemical companies use to optimize their equipment.
The idea of hacking the most basic layer of a computer's software platform is hardly new, but the industry has worked hard to develop countermeasures to bootkit attacks. Security researchers at this year's Black Hat will show there's still more work to be done. In one talk, researchers with Mitre will offer proof-of-concept attacks that remain persistent in the BIOS after reboot, as well as a tool that detects these attacks through timing side-channels.
Some researchers are also taking the opportunity offer additional tools meant to counter some of the recent bootkits that circumvent UEFI security. Researchers with ReversingLabs plan to introduce a new Rootkit Detection Framework for UEFI (RDFU) while at the same time demonstrating a proof-of-concept bootkit for Apple OSX to show RDFU's effectiveness.
Two years ago, researcher Jay Radcliffe made waves when he demonstrated to Black Hat audiences how he could remotely hack the same type of insulin pump he depends on as a diabetic and remotely turn it off without the permission of a potential patient. That helped spur a number of research efforts by other security testers throughout the community, including Barnaby Jack of IOActive, who last year refined Radcliffe's work and showed a wireless device he created that could scan an area of 300 feet around it to take over those pumps and potentially dispense fatal doses of insulin to a victim.
Sadly, Jack, passed away suddenly, just days before he could reprise his talk with another one showing how it is possible to remotely take over implanted pacemaker devices. His talk will be replaced with a memorial, but IOActive CEO Jennifer Stephens said the company will eventually work to ensure Jack's work helps strengthen medical device security in the long run. Meanwhile, Radcliffe will return to Black Hat to give a case study to researchers on how to work with the FDA to disclose future vulnerabilities they may find in medical devices.
Password and credential theft continues to be a huge issue for organizations of all sizes who have to think not only about individual users being phished but also hackers stealing passwords wholesale from repositories within company databases. Most businesses are notoriously behind in implementing the latest cryptographic hashing technology that protects passwords in the database. A number of experts are putting together a new Password Hashing Competition that they hope will spur researchers to develop a more elegant, yet secure, alternative to what exists today.
Meanwhile, researchers from Accuvant Labs will build on last year's release of the Pass The Hash tool, which automates the process of conducting an attack against Windows authentication methods and makes it possible to log in using an encrypted hash of a password rather than the password itself.. This year's talk will discuss some of the weaknesses of Microsoft's countermeasures to the attack, which were introduced on the heels of the tool's launch.
Researchers with the firm Inverse Path will break the barrier of hacking Fast Ethernet layer 1 and 2 by demonstrating techniques that don't take the expensive hardware traditionally required to attack 802.3 technology. They'll release customized firmware designed to work with inexpensive hardware and describe how their techniques could be used against network embedded systems used in the automation, automotive and avionics industries.
Photo Source: Black Lotus
A trio of researchers from Bloodspear Research Group will introduce a new proof-of-concept tool that brings distributed denial-of-service (DDoS) attacks to the next level by effectively bypassing today's commercial DDoS mitigation tools through a technique they describe as "emulating legit traffic characteristics." They'll also propose some new countermeasures that could stop the type of attack they'll describe.
- Ericka Chickowski
- Connect Directly
9 Technologies Security Researchers Will Break At Black Hat
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.